DevOps

Platform Engineering with AWS Proton - Self-Service Infrastructure Template Delivery

Learn about Proton's infrastructure template management, separation of environments and services, and developer self-service design.

約 3 分で読めます

Overview of Proton

Proton is a service where platform teams manage infrastructure templates and provide developers with self-service deployment. Platform teams create templates that meet security and compliance requirements, and developers can provision infrastructure simply by selecting a template. The two-layer structure of environment templates and service templates separates infrastructure and application responsibilities.

Templates and Self-Service

Environment templates define shared infrastructure such as VPCs, ECS clusters, and RDS instances. Service templates define application deployment configurations such as ECS services, Lambda functions, and API Gateway. Developers select environment and service templates from the Proton console and enter parameters (instance size, environment name) to complete deployment. When a major template version is updated, existing services receive an update recommendation notification, and developers apply the update at their convenience.

Template Versioning and Update Strategy

Proton templates are managed with major/minor versioning. Minor version updates can be automatically applied to existing service instances, useful for security patches and minor configuration adjustments. Major version updates may include breaking changes, so developers must explicitly perform the upgrade. To safely update templates, establish a flow where minor versions are first applied to test environment instances, verified, and then rolled out to production. Template source code is managed in a Git repository, and templates are registered in Proton only after pull request-based review, ensuring infrastructure change quality. Template bundles use Jinja templates to dynamically generate CloudFormation templates based on developer-provided parameters. For understanding platform automation strategies, see related books on Amazon.

Responsibility Boundaries Between Platform Teams and Developers

Proton's design philosophy is to clearly separate the responsibilities of platform teams and developers. Platform teams create and manage environment templates and service templates, ensuring security, compliance, and cost efficiency. Developers select from the template catalog and provision infrastructure by entering the required parameters. This separation means developers no longer need to worry about infrastructure details like VPC CIDR design or security group rule configuration. However, if templates lack flexibility, they cannot meet developer requirements, and customizations outside templates increase, complicating management. Template parameter design requires careful consideration of the balance between developer freedom and governance.

Summary

Proton is a service that supports platform engineering practices by enabling infrastructure template cataloging and self-service deployment. Template versioning ensures safe updates, and clear responsibility boundaries between platform teams and developers maintain governance while improving development velocity. Template parameter design is the key to successful adoption.

Related Services

AWS ProtonA service where platform teams provide infrastructure templates and developers deploy via self-serviceAWS CloudFormationAn IaC service that defines and provisions AWS resources as code using templatesAWS CodePipelineA service for building and automating CI/CD pipelines from source to deployment

Related Articles

IaC with Programming Languages Using AWS CDK - Designing Constructs and StacksLearn about defining infrastructure with TypeScript/Python using CDK, choosing between L1/L2/L3 constructs, and testing techniques.Practicing Infrastructure as Code with AWS CloudFormation - Template Design and Stack ManagementDefine infrastructure with templates and preview impact with change sets before deployment. Detect configuration drift with drift detection and deploy across your entire organization with StackSets.Platform Engineering - Standardizing Infrastructure Templates with AWS ProtonBuild an internal platform with Proton and Service Catalog to provide developers with self-service infrastructure provisioning. Learn about template management and governance design patterns.

More on This Topic

Automated Deployment Strategies - Continuous Delivery with AWS CodeDeploy and CodePipelineLearn how to build automated deployments using AWS CodeDeploy and CodePipeline. This guide covers diverse deployment strategies for EC2, Lambda, and ECS, along with practical continuous delivery techniques using pipelines.Reading AWS's Next 3 Years from re:Invent Announcements - Service Lifecycles and the Rules of DeprecationFace the reality that AWS services have lifespans, examining cases like CodeCommit's enrollment freeze and SimpleDB's de facto end, and provide a technology selection perspective for identifying services that will endure.Chaos Engineering in Practice - Verifying Fault Tolerance with AWS Fault Injection SimulatorLearn about practicing chaos engineering with AWS Fault Injection Simulator (FIS). Covers designing fault injection scenarios, injecting faults into EC2, ECS, and RDS, and conducting safe experiments.CI/CD Pipeline Automation - Continuous Delivery with AWS CodePipelineLearn about CI/CD pipeline automation using AWS CodePipeline and CodeBuild.How Far Does CloudFormation Drift Detection See - How It Tracks Manual Changes and Its LimitationsLearn how CloudFormation drift detection internally compares the current state of resources with the expected state defined in templates, the boundary between detectable and undetectable changes, and strategies for drift remediation.What Happens During a CloudFormation Stack Update - Behind Change Sets, Rollbacks, and ReplacementsLearn about the internal processing flow when CloudFormation updates a stack, including how change sets detect differences, the logic behind resource update, replacement, and deletion decisions, and how rollbacks work.AWS CodeDeploy Deployment Strategies - Blue/Green Deployments for EC2, ECS, and LambdaManage deployment strategies across three platforms - EC2, ECS, and Lambda - in a unified way. This article covers ECS blue/green deployments and automatic rollback triggered by CloudWatch alarms.AWS CodeDeploy EC2/On-Premises Deployment - Designing AppSpec and Lifecycle HooksDeclaratively define deployment target paths and lifecycle hooks using AppSpec files. Learn about fleet management with tag-based deployment groups and Auto Scaling integration.

Similar Articles and Services

Platform Engineering - Standardizing Infrastructure Templates with AWS ProtonBuild an internal platform with Proton and Service Catalog to provide developers with self-service infrastructure provisioning. Learn about template management and governance design patterns.Practicing Infrastructure as Code with AWS CloudFormation - Template Design and Stack ManagementDefine infrastructure with templates and preview impact with change sets before deployment. Detect configuration drift with drift detection and deploy across your entire organization with StackSets.AWS CloudFormationAn Infrastructure as Code service that lets you define and manage AWS infrastructure using JSON or YAML templates, handling the entire lifecycle of resources as a single stack